|
|
These release notes contain important information regarding CiscoSecure Global Roaming Server, Release 1.3 (CiscoSecure GRS). For complete documentation on this product, please refer to the CiscoSecure Global Roaming Server User Guide, Release 1.3.
These release notes discuss the following topics:
The current session count as shown in the web status display is not reset after a network access server ( NAS) running Remote Access Dial-In Service (RADIUS) shuts down or reloads if the NAS does not send appropriate accounting packets notifying of this event; therefore, current MaxSessions are not counted properly. To reset the MaxSessions count after a RADIUS NAS has reloaded, restart CiscoSecure GRS.
The workaround is to use the included unsupported utility named clearnas. You can run this utility to clear the MaxSessions counters without having to restart CiscoSecure GRS. The utility is located in the $GRSHOME/unsupported directory. This is an enhancement request.
If you are using Cisco IOS Release 11.2.x or earlier, CiscoSecure GRS does not currently support MaxSessions for the regional service provider (RSP) NAS with Virtual Private Dial-up Networking (VPDN). While CiscoSecure GRS keeps track of the number of VPDN sessions established, it cannot block those that exceed the MaxSessions parameter. MaxSessions for the RSP NAS is supported with Cisco IOS Release 11.3.x and later. This is an enhancement request.
CiscoSecure GRS does not support running more than one instance at a time of the graphical user interface (GUI) application.
You cannot run the GUI and the command-line interface utilities at the same time.
In the CiscoSecure GRS GUI, the IP Pool table field for RADIUS mapped name accepts only numeric entries. This is an enhancement request.
CiscoSecure GRS currently translates only those Cisco RADIUS attribute-value (AV) pairs required for VPDN; it does not pass AV pairs for access control lists or IP pools. This is an enhancement request.
If you are using CiscoSecure GRS with a Cisco NAS with both the global command configure-nas or an Ascend NAS, along with a RADIUS access control server (ACS) with pseudo-users (for example, for IP pool definition), the authentication requests sent out by the NAS are not directed in the standard manner. The NAS usually sends out requests in the format pools-[NAS_name]. Because the requests do not contain a domain, CiscoSecure GRS does not know where to send them.
One workaround is to configure a domain in CiscoSecure GRS with the NAS name and use the hyphen (-) as a suffix delimiter. Do not configure stripping for this domain. The domain's ACS should be the ACS that contains the RADIUS pseudo-user entries.
A second workaround is to use the new option introduced in CiscoSecure Global Roaming Server, Release 1.3, Forward unknown domain to local. You can enable this option to forward the pseudo-user packets to the local ACS. This is an enhancement request.
Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.
Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can access CCO in the following ways:
For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.
Posted: Wed Feb 24 11:56:30 PST 1999
Copyright 1989-1999©Cisco Systems Inc.